Systems Administrator (L3) - Budd Lake, NJ

This is a hands-on operational role. You own the day-to-day administration of client infrastructure: Windows Server, virtualization clusters, SAN and HCI storage, backup, Microsoft 365 and Azure tenants, and defined-scope network change work. You implement, operate, and maintain inside the framework set by the Principal Solutions Architect and the Senior Engineering team. You are not the designer. You are the operator who turns an approved design into a running, monitored, documented environment that passes audit.

At the L3 tier, you sit between the L2 Field Support Technicians and Senior Infrastructure and Network Security Engineering. L2 escalations land with you. Design questions and architecturally novel changes escalate up from you. You own the outcome at the server and platform layer at your assigned locations, and you touch the client environment every day., * Administer Windows Server environments: Active Directory, DNS, DHCP, Group Policy, file and print services, certificate services at an operational level

• Operate VMware vSphere or Microsoft Hyper-V clusters day to day: VM lifecycle, capacity monitoring, host patching, vMotion or Live Migration, HA and DRS behavior, snapshot hygiene
• SAN and HCI storage operations (NetApp, Pure Storage, Nutanix, VMware vSAN): provisioning, volume and LUN changes, capacity monitoring, health checks. Storage architecture sits with Senior Infrastructure Engineering.
• Veeam Backup and Replication operations: job management, backup verification, restore execution, immutable repository and tape operations where applicable, backup gap remediation
• Network change execution at a defined scope: firewall rule adds and modifications against approved standards, VLAN configuration on managed switches, switch port and access layer work. Routing, firewall architecture, and policy design sit with Senior Network Security Engineering.
• Microsoft 365 and Azure tenant administration: identity, licensing, Intune policy application, Conditional Access within established standards, basic tenant hygiene
• Operational SQL Server work in support of client ERP and line-of-business applications: installation, patching, version upgrades, backup coordination with Veeam, baseline instance administration. DBA-level query tuning, indexing, and application-side schema sit with client DBAs or application vendors.
• L2 escalation ownership: take the tickets that pass the endpoint and site layer, resolve within scope, or escalate cleanly to Senior Engineering
• STIG application and NIST 800-171 control execution at the server layer in support of CMMC L2 and SOC 2
• Client communication on infrastructure work, change windows, and incident response. You talk directly to client technical contacts and to non-technical stakeholders.
• Documentation: change records, operational runbooks, and audit-ready configuration records. Written so another engineer can operate the environment without asking you questions., MSP4 does not operate like a traditional IT department or a ticket-centric help desk. We function as embedded IT for our clients, accountable to their outcomes. Roles are tiered so a multi-client environment stays auditable and consistent under CMMC L2, NIST 800-171, and SOC 2. L2 owns the endpoint and site layer. You, at L3, own server and platform operations. Senior Engineers own implementation of complex infrastructure. The Principal Solutions Architect owns design.

• 4 to 6 years of systems administration experience in a multi-client service delivery environment
• Windows Server operational depth: Active Directory, DNS, DHCP, Group Policy, PKI basics, file and print services. Not surface familiarity. Operational depth.
• Production virtualization experience on VMware vSphere or Microsoft Hyper-V: host and cluster administration, VM lifecycle, patching, snapshot management, HA and DRS behavior at an operator level
• Working SAN or HCI storage operations across at least one of NetApp ONTAP, Pure Storage, Nutanix, or VMware vSAN. You can provision, monitor, and resize. You know when a storage change exceeds your scope and sits with Senior Infrastructure Engineering.
• Veeam Backup and Replication operational experience: backup jobs, restores, repository management, backup failure triage
• Network operations at a defined scope: firewall rule changes against an approved standard, VLAN configuration, switch port and access layer work. You know when to stop and escalate to Senior Network Security Engineering.
• Microsoft 365 and Azure tenant administration at a production level, including Intune and Conditional Access within established standards
• Operational SQL Server familiarity: installation, patching, licensing awareness, backup coordination with Veeam, basic instance administration. Not DBA-level query optimization.
• Working knowledge of STIG application and NIST 800-171 control execution at the server layer
• Ticketing discipline in a PSA (HaloPSA preferred; ConnectWise, Autotask, ServiceNow, or equivalent also transferable). Change records clean and audit-ready.
• Communication that works three ways: with non-technical client stakeholders, with the L2 Field Support Technicians below you in the escalation path, and with Senior Engineering above
• Relevant certifications (Microsoft MCSA or Azure, VMware VCP, Veeam VMCE) are a plus, not a requirement
• Prior experience in a multi-client service delivery environment